On Apr 20, 2010, at 08:32 , Andreas Jellinghaus wrote:
> On Monday 19 April 2010 21:05:12 Anders Rundgren wrote:
>> The alternative, using an ever increasing number of userid/password
>> pairs does not seem like the best idea either. So it is one lousy
>> idea against another lousy idea?  May the lousiest idea win :-)
> 
> here is mine: use smart phones.
> 
> we can write programs and even change the operating system, so that
> makes development easy.
> 
> they have all kinds of communication mechanisms, so we can choose whatever
> we want (e.g. usb, bluetooth, wlan).
> 
> they aren't as restricted as cards, so development is easy.
> 
> I would like to see:
....

For me it seems like a mixed up list of technology and features.

Sometimes marketroids or journalists use such constructs to explain complex 
technical solutions.

For example, in Estonia, the card is locked and static, yet all the 
applications that work *with* the card or some data present on the card, are 
assigned to be "features of the card" when they actually have very little to do 
with the electronic capabilities of the card and are usually different 
solutions altogether. Like ticketing, where a central database keeps track of 
tickets and you can for example give your driver's license instead of the ID 
card, is still called an "ID-card ticket".

So as much as I'd like to see such *functionality* (like proximity screenlocks, 
central administration, signature devices with a proper secure display etc) 
they don't have a solution that can be fixed universally with TheNewDevice or 
ThisNewSoftware, or just a piece of technology or smart cards to be precise.

For example, Bluetooth proximity screenlock things exist and for example WPKI 
(PKI applets in SIM cards as SIM toolkit applications) exist in 
Estonia/Nordic/Turkey, but it is next to impossible to make them work together 
because even if the technology was here, you would have to have 1:1 deals with 
SIM owners (telcos) to make it happen.

From software perspective, central administration exists, if you use 
"compliant software". Windows almost has it (with AD and cryptoapi combined), 
Mac OS X tries to have it (with keychain services), Linux maybe wants to have 
it, but I don't think this will ever happen soon, unless some big organization 
decides to fix it once and forever and even then there will be the "other 
software" that will not follow it.

Last but not least, there needs to be a balance between (security) features and 
price, and nifty features like trusted PDAs (such as [1]) with a kickass 
display, verified firmware (not needed if you don't care) don't come cheap.


[1] http://www.gdc4s.com/content/detail.cfm?item=32640fd9-0213-4330-a742-55106fbaff32
-- 
Martin Paljak
http://martin.paljak.pri.ee
+3725156495
